package tw.com.msig.b2c.car.security.service.impl;


import org.apache.commons.codec.digest.DigestUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import tw.com.msig.b2c.car.common.exception.ApplicationException;
import tw.com.msig.b2c.car.security.dao.UserDao;
import tw.com.msig.b2c.car.security.service.AuthService;
import tw.com.msig.b2c.car.security.vo.UserVo;

public class AuthServiceImpl implements AuthService {
	
	private Logger log = LoggerFactory.getLogger(this.getClass());

	private UserDao userDao;
	
	public void setUserDao(UserDao userDao) {
		this.userDao = userDao;
	}

	@Override
	public boolean login(String account, String password) {
		// check account is NOT empty and password is NOT empty
		
		//  check user exist ?
		UserVo user = userDao.findByAccount(account);
		log.debug("{}", user);
		
		if(user == null) {
			throw new ApplicationException("error.account.notfound");
		}
		
		String passwordMD5 = DigestUtils.md5Hex(password);
		
		if(! passwordMD5.equals(user.getPassword())) {
			throw new ApplicationException("error.password.invalid");
		}
		
		return true;
	}

}
